Hello,

I do not really have 3.3.7 version at my hand, so I did not really dig in if that version supports or not. Well it seems it is from v3.4.1, for this option you have to update at least to that.

I do not see a reason why won't it work, and you could use stuff like system() source.

--
Kokan

On Thu, Sep 27, 2018 at 5:44 PM venkateswarlu vinjamuri <venkates.vin@gmail.com> wrote:
Thanks kokan for your reply,

I am getting the below error after making the change as you suggested
destination df_remote_0 {syslog("::1" transport("udp") ip-protocol(6));};

Error:
=====
Error parsing afsocket, inner-dest plugin ip-protocol not found in /etc/syslog-ng/syslog-ng.conf at line 45, column 78:
destination df_remote_0 {syslog(":1" transport("udp") ip-protocol(6));};
                                                                             ^^^^^^^^^^^
Please suggest.

Regards,
V/

On Thu, Sep 27, 2018 at 7:56 PM Péter, Kókai <peter.kokai@oneidentity.com> wrote:
Hello,

The error message lists the correct transport methods: *please use one of udp, tcp, or tls;* 
There is no such option udp6, you could use specify ipv6 via ip-protocol(4/6)

All together syslog("::1" transport("udp") ip-protocol(6)); should work.

--
Kokan

On Thu, Sep 27, 2018 at 4:09 PM venkateswarlu vinjamuri <venkates.vin@gmail.com> wrote:
Hi,

issue: syslog-ng is not starting if we configure IPV6 IP along with RFC-5424 format
Using below command to run syslog-ng:
/sbin/syslog-ng -f /etc/syslog-ng/syslog-ng.conf -R /var/syslog-ng.persist -p /var/syslog-ng.pid

Getting the below error:
------------------------------
syslog-ng: Error changing to 
Unknown syslog transport specified, please use one of udp, tcp, or tls; transport='udp6', id='df_remote_0#0'

Could anyone please let me know what should be the configuration in syslog-ng.conf for IPV6 syslog-ng server IP with RFC-5424 format.

we are using syslog-ng-3.3.7 version.

If the below configuration is correct, will it work if we upgrade to newer version with the below configuration?

I am using the below configuration in syslog-ng.conf:
========================================
options {
  stats_freq (0);
  flush_lines (0);
  time_reopen (10);
  log_fifo_size (10000);
  chain_hostnames (off);
  use_dns (no);
  create_dirs (no);
  keep_hostname (no);
  perm(0640);
  group("root");
};


# sources
source s_all {
 internal(); 
unix-stream("/dev/log"); 
file("/proc/kmsg" program_override("kernel: "));
 };


filter f_remote { facility(local7); };
destination df_remote_0 {syslog("xxxx:xxxx:xxxx:xxxx:xxxx" transport("udp6"));};
log { source(s_all); filter(f_remote); destination(df_remote_0

Please help if there is any issue in the above configuration?

Regards,
V/
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq